package com.xtaller.sdboot.config.interceptor;

import com.alibaba.fastjson.JSONObject;
import com.xtaller.sdboot.util.PermissionUtil;
import com.xtaller.sdboot.utils.helper.JsonHelper;
import io.jsonwebtoken.Claims;
import lombok.extern.slf4j.Slf4j;
import lombok.var;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Arrays;

/**
 * @author : Taller
 * @date : 2020/3/1 00:34
 * @Description :
 */
@Slf4j
@Component
public class PermissionFilter extends OriginalFilter {
    @Autowired private PermissionUtil permissionUtil;

    @Override
    public boolean preHandle(HttpServletRequest request,
                             HttpServletResponse response,
                             Object handler) throws Exception {
        var accessToken = request.getHeader("token");
        response.setHeader("Content-type", "text/html;charset=UTF-8");
        var pm = getByRequest(request);

        if(pm.getIsPermission()){
            // 读取用户缓存内的权限
            Claims claims = getInfoByToken(accessToken);
            if(claims == null){
                response.setStatus(401);
                response.getWriter().write(result(401, "Token认证信息失效"));
                return false;
            }

            // 判断用户是否是管理员
            var tokenKey = "account-" + claims.getId();
            var cache = cacheUtil.get(tokenKey, JSONObject.class);
            var info = JsonHelper.s2j(claims.getSubject());
            var permissions = JsonHelper.list();
            if(cache.getBoolean("isAdmin")){
                // 读取子系统权限
                var appKey = "permission-app-" + info.getString("applicationId");
                permissions = cacheUtil.getList(appKey);
            }else{
                // 读取出角色信息
                if(cache.get("role") == null){
                    response.setStatus(403);
                    response.getWriter().write(result(403, "当前尚未配置任何权限信息,请联系管理员配置."));
                    return false;
                }
                if(cache.getString("role").length() == 0){
                    response.setStatus(403);
                    response.getWriter().write(result(403, "当前尚未配置任何权限信息,请联系管理员配置."));
                    return false;
                }
                var roleIds = Arrays.asList(cache.getString("role").split(","));
                permissions = JsonHelper.o2l(permissionUtil.getRolePermission(roleIds));
            }

            if(permissions.size() == 0){
                response.setStatus(401);
                response.getWriter().write(result(401, "当前授权信息不存在"));
                return false;
            }

            var check = permissions.stream().filter(x -> x.getString("flag").equals(pm.getPermission())).findFirst();

            if(!check.isPresent()){
                response.setStatus(403);
                response.getWriter().write(result(403, "你没有这个操作权限"));
                return false;
            }
        }

        return true;
    }
}
